SPEAKEaR can be used as malware to spy through your headphones
Are you the type of security-conscious online user who has gone through the motions of placing a piece of tape on your webcam and disabling your device’s built-in microphone? Well, you may want to up your game because by the looks of it, microphone or no microphone, there is still a way to eavesdrop on you through your web-enabled electronic gadgets. To make matters worse, the eavesdropping mechanism is software-based and is deployed remotely.
Take SPEAKE(a)R, for instance, a malware developed by researchers at BenGurionUniversity, an educational institution based in Israel. The nasty bug is designed to demonstrate – and perhaps to ensure that online users remain more cautious than ever – how headphones can be turned into microphones in order to secretly and remotely record ambient noise and conversations.
Publicised sometime in November 2016, the exploits and inner workings of the new malware were shown in a YouTube video entitled SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit. One of the main goals of the researchers behind the malware was to raise awareness on the relative ease of maliciously leveraging software to control hardware – in this case, a set of headphones being repurposed into a microphone.
To enable the hack, the SPEAKE(a)R bug exploits a little-known, built-in capability of common RealTek audio codec chips. This capability involves stealthily re-tasking the audio output channel into an input channel. The bug simply harnesses this built-in feature on most computers and laptops. Through the malware, sound can be recorded even if there is no microphone and the headphones are only connected into an output-channel jack. Additionally, the BenGurionUniversity researchers said that headsets and earphones located several meters away from the source of sound can still pick up intelligible audio for the malware to record. And because RealTek audio codec chips are so widely used in desktop computers and laptops, malicious attacks patterned after the intrusion of the SPEAKE(a)R bug will be successful on computers that run on either Mac or Windows operating systems.
Recommended countermeasures include a thorough disabling of the various components of audio hardware and enabling an HD audio driver that can detect and signal an alert each time microphones are accessed, as well as modifications on existing industry policies regarding re-jacking.
The implications of the SPEAKE(a)R malware are quite extensive and downright disturbing. Add to that the deepening reach of the increasingly connected world. It is not a foolhardy notion to assume that the permutations of privacy invasion are going to grow in sophistication in the years to come.